| waaw.ac/styles/global/jquery-eu-cookie-law-popup.css | 190.115.19.71 | | 49 kB |
URL waaw.ac/styles/global/jquery-eu-cookie-law-popup.css IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
File type: gzip compressed data, from Unix
Hash: 35816c6a84463dca53031b5dd8ea8791 e069ab7f8f26259d54f8158f91267c32ff1ebb67 fa40c834468d802e472e733bb34b15a0cd73e23bc460d074c262e265077062f3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /styles/global/jquery-eu-cookie-law-popup.css HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/f/MJcrktS91uFtPongo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:37 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 11 Mar 2017 18:53:53 GMT
etag: W/"58c447c1-79f"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/uploads/2023/12/batman-begins-logo-png-20.png | 172.67.199.220 | | 4.0 kB |
URL arkadyczsk.com/wp-content/uploads/2023/12/batman-begins-logo-png-20.png IP 172.67.199.220:0
File type: PNG image data, 250 x 100, 8-bit/color RGBA, non-interlaced
Hash: 3b1fbaddec1ff60ebdabd24269e620af bf8934a8b02dcc66bd87a07e1240bf631481ec02 eae4e666b85e038c62a8199007f1c90b411bd9f0fabeeed1012f8fdbe712028b
GET /wp-content/uploads/2023/12/batman-begins-logo-png-20.png HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: image/png
content-length: 3968
last-modified: Sat, 09 Dec 2023 18:59:55 GMT
vary: Accept-Encoding
etag: "6574b92b-f80"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W6PXlG5k%2FzzFkQN0t%2BT0dLsVn9Q0HmDCTT7K6MSN7rwtCraMYc3PVPeqrgveKB7m%2BkZN72q2TbihY1NKtGm4JMNRPvY27rf7Vm18CFfK16fDuwQDBFtInbNU1vIUs1BFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbfedb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=11.3.2 | 172.67.199.220 | | 17 kB |
URL arkadyczsk.com/wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=11.3.2 IP 172.67.199.220:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 69c7cc5932dd818a49d650a37d8c154a 2043eab681eb1ad22051657c666efc1f332e8c64 2ad76bd42dda4947bf279df539a8d4c4b0ad9448020f4e2da79c63db37c8a1a6
GET /wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=11.3.2 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/css
last-modified: Tue, 31 Oct 2023 05:07:43 GMT
vary: Accept-Encoding
etag: W/"65408b9f-1a41b"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRZXENOLoIDjQPX2dw63KBm2MQ1ZPLr3XxOhQn%2F7OlI2JiKPmKXpsGSdioW1BbFfu16WNk4yISXtjvkJgy8dhfhqbohA2dbW%2BtjlTDqcp2s3w8k3Qlr7YhtPN4MtaMvLoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54caf9cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 | 172.67.199.220 | | 34 kB |
URL arkadyczsk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 IP 172.67.199.220:0
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: ff04dd1ef5c67998d8652330c0441689 5e6ff5bd5240181a8bdea983837f39ac231dac4d 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.0 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: application/javascript
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: W/"65272b5f-155ba"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MHlfgNbsnY8oU7Um5mkt8BQ4u3XKjsJjYCiOwB4yhI3vECvIY8EedQ190RZ1Nx4C7nHZb6wIC1Ll73JyDZA80IXk46Emqrb1RpkM7ZL83hLuw2j9%2FkwT74%2FFHIzVJ92vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbfb5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.3.2 | 142.250.74.106 | 200 OK | 1.1 kB |
URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.3.2 IP 142.250.74.106:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 89:28:B5:6E:7C:E5:97:43:A6:48:34:12:2C:71:3F:67:E0:7C:6A:66; Validity: Tue, 02 Jan 2024 13:09:23 GMT - Tue, 26 Mar 2024 13:09:22 GMT
File type: gzip compressed data, max compression
Hash: 59488a74c420269a9d9fcb2f84c49323 7279baef6d1aa5e93526d8f4a2b1a54c39b07432 dff72e803229d06d454956368052f33ff4bc9868e9db4dca413ec09605a92721
GET /css?family=Roboto+Condensed%3A400%2C700%2C300&ver=6.3.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Jan 2024 18:09:40 GMT
date: Fri, 26 Jan 2024 18:09:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/themes/kizitheme/images/search.png | 172.67.199.220 | | 915 B |
URL arkadyczsk.com/wp-content/themes/kizitheme/images/search.png IP 172.67.199.220:0
File type: PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced
Hash: f16088312c5f783dfb807a3ae4170fec a4f319b20394d7593cb2bae7a683c75acb15810e 39a1a12523530085e8302e0e3cf71374bfc493b74a36369cb3f6eb640630eca9
GET /wp-content/themes/kizitheme/images/search.png HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://arkadyczsk.com/wp-content/themes/kizitheme/style.css?ver=6.3.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: image/png
content-length: 915
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: "65272b5f-393"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531852
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3BzLgyHh2Qy0N4x3PaaXoF%2FpLyGDszcqqVr%2BZ92VlHKkMsTS3jve7ucUg4%2FfHLFhmzahkpYBCECXFhreU7lecEgTzLMg1Cf3BMA3XEnZ0RxsmFXF69Q1ORUZOLeZJAsEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab5522dccb50b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| POST premiumhlzaa.miliongames.com/highlights | 172.67.170.64 | 200 OK | 28 kB |
URL User Request POST HTTP/3 premiumhlzaa.miliongames.com/highlights IP 172.67.170.64:443
Certificate: Issuer: Google Trust Services LLC; Subject: miliongames.com; Fingerprint: 85:6D:15:E0:66:A8:94:D2:0E:63:C9:42:E3:99:B5:E4:D5:84:27:3B; Validity: Thu, 25 Jan 2024 21:31:10 GMT - Wed, 24 Apr 2024 21:31:09 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9470)
Hash: c95ea6f6fe1837cdeaa8583e7bce39ae ae82304ec9c96ce0f01bacb4bbdccad2e154b48d bdbb22a0ef522468318803edd3e5f7ec28dce679398ad561efb84319b8be34b5
POST /highlights HTTP/1.1
Host: premiumhlzaa.miliongames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 718
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/?data=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
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-frame-options: https://premiumovyan.miliongames.com/highlights, SAMEORIGIN
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrvd2P3ww8nVKLJp1bgHD7%2FroGzpwsFOw%2B0SlE03ca2v9%2BjsTXl%2B8SgcT7eVmD4v%2FobAVaeKdjSxxrpyVPw9S%2BJyrgO3%2FvKU%2Br0KBnJpkL56wHIamcDuLK1KnPuGlK81cpOTHuuNpH1Afqx58j0Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab549a9a2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arkadyczsk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 172.67.199.220 | | 5.5 kB |
URL arkadyczsk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 172.67.199.220:0
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: application/javascript
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: W/"65272b5f-3509"
expires: Sat, 27 Jan 2024 10:52:07 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DC0aqodPSjNnWPsY7xT%2BdXrlukDD1JDsBmaQmtKd%2BFLkWkUhcSALsE7IEHIeLP9A85SSUN9Uamf1lNQqZVGakkGOkrwtK5GC7I9d7CZ39YrEwg6RS9XiAUXHt3DdV4BpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbfb6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/themes/kizitheme/font/iconfont.woff?60403388 | 172.67.199.220 | | 11 kB |
URL arkadyczsk.com/wp-content/themes/kizitheme/font/iconfont.woff?60403388 IP 172.67.199.220:0
File type: Web Open Font Format, TrueType, length 10968, version 1.0
Hash: 3d41587a5a9079b419a4c0a56d77cc40 ec80b38407d7012d4e4aa999acac28094b505e79 a73c3d5995e2b9438a42cb9b65351b943265fbde78b8b3b581e67d5018a49af0
GET /wp-content/themes/kizitheme/font/iconfont.woff?60403388 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://arkadyczsk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: font/woff
content-length: 10968
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: "65272b5f-2ad8"
expires: Sun, 25 Feb 2024 10:38:23 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3Yw2WeSIgl6IQ03fMUP3N8UrxPkFJFDPBCK6ZTQ6srEI%2BdJGIT9NmGmI6tK%2BhZ5KpbES2OkoYsKK9HK0L3xZi54IHGr4c5qVP1b%2FhEJ6g0pWV93t3yAxnypW7lPvVKnPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab5525e2bb50b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arkadyczsk.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.6 | 172.67.199.220 | | 7.4 kB |
URL arkadyczsk.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.6 IP 172.67.199.220:0
Hash: 359aca8a88b2331aa34ac505acad9911 800a4f56bb87049e1f0d45cf93c4e8ef79144b45 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
GET /wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.6 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/css
last-modified: Fri, 20 Oct 2023 04:08:42 GMT
vary: Accept-Encoding
etag: W/"6531fd4a-6a71"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5JAN%2BbDj2aWriE%2FB70MLzNIhzRkAJ70BCePTE7EOsmi3KYc1oIIwix%2BR40O6nf8qCGbRf5bgq7uCmimxrFsMmwV%2BXumWCW%2Bnq%2B3JwbP1KxJLcJst0SljZzQJa0Ehsc%2FTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cafa5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | 142.250.74.99 | | 51 kB |
URL fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 IP 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Hash: b904fcdf1c4c6059fadd6893a7bc7619 f41d1674f02616f03ef77d4e84b3ad8ba28a36fc 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 04:35:55 GMT
expires: Fri, 24 Jan 2025 04:35:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
age: 135225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/themes/kizitheme/style.css?ver=6.3.2 | 172.67.199.220 | | 55 kB |
URL arkadyczsk.com/wp-content/themes/kizitheme/style.css?ver=6.3.2 IP 172.67.199.220:0
Hash: fd224401e64e275a389385aae4f67bce 6f48c688883e1e53127d753bd6e597420bc78e19 acc32c1030654659ed8e167d5c82ef5ad511261b6140a82f4874c3e389bf4d15
GET /wp-content/themes/kizitheme/style.css?ver=6.3.2 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/css
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: W/"65272b5f-3ee2"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1BnB8P4l%2BhqNbFLy55P3sKQXIb5%2BkFQp8SNWkQyGz929Cxn%2FDZAzl%2Fz54o1UCXNMRDiVKQx4R%2Bk8nLMxDzlmGRfED5Z%2Bmp5uUAkHHUiDNz4EoPzGYE0BXHujIx1N2793g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cafa7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-includes/css/dashicons.min.css?ver=6.3.2 | 172.67.199.220 | | 40 kB |
URL arkadyczsk.com/wp-includes/css/dashicons.min.css?ver=6.3.2 IP 172.67.199.220:0
File type: ASCII text, with very long lines (58981)
Hash: d68d6bf519169d86e155bad0bed833f8 27ba9c67d0e775fc4e6dd62011daf4c3902698fc c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.3.2 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/css
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: W/"65272b5f-e688"
expires: Sat, 27 Jan 2024 10:52:07 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdEz53P44cwhTcY%2BUaT7BUc9zLjhALCwiBVvGAqb1i3CHs%2B5AMYd2pPQq%2FRnv%2B8yERTI4s0Nb6iKOS6OYw98HFzfY5LBemof2dQxfr0o5arItY%2Bajv%2BKc7B%2FzCUSwFLSiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54caf96b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png | 172.67.151.150 | | 7.1 kB |
URL adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png IP 172.67.151.150:0
File type: PNG image data, 159 x 30, 8-bit/color RGBA, non-interlaced
Hash: 9144b08276094534499e409d4be115ed a2d3460da5082c8a65f7b26d0e07d710fd8d5997 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
GET /wp-content/uploads/2020/06/adipolo_logo.png HTTP/1.1
Host: adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: image/png
content-length: 7068
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
etag: "5ed61610-1b9c"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 5659098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBfvlFpd7729ycL0FbV6XEZQUVD%2B0fwvk%2Fy87q6%2B%2BwPLLe0ePwvyK5I1P5ey8EqBea20Y%2BDf%2F7rQwcHE%2BdsEtoqcpwf7kBk9tsrAwSUmb9XO2jX1K%2FFSJh7oB9e68w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 84bab5533f367128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| player.adipolosolutions.com/cdn/tags/tag_f762fefc-c922-414d-a4f8-bff7d9fdbf9b.js | 34.107.214.50 | | 42 kB |
URL player.adipolosolutions.com/cdn/tags/tag_f762fefc-c922-414d-a4f8-bff7d9fdbf9b.js IP 34.107.214.50:0
File type: JavaScript source, ASCII text, with very long lines (2000)
Hash: 39a2852af8c73b0c39a3d45f6ba62bb1 1f04851b970cbbb904969b0d15a2dbd468c21064 9ccd7ab7d826402c97ef34a3350e71ecef6922cc7f3c8e13103706287e05b24a
GET /cdn/tags/tag_f762fefc-c922-414d-a4f8-bff7d9fdbf9b.js HTTP/1.1
Host: player.adipolosolutions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoe0cp-5EgnaWF1T1E_DvfTtNMPnHb8TbP6Pe6WwOWeDNrzllPFywKpXGEY_Q0jRUooow
x-goog-generation: 1706019351126510
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 42098
x-goog-hash: crc32c=r0hykQ==, md5=OaKFKvjHOww5o9Rfa6YrsQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 42098
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
server: UploadServer
date: Fri, 26 Jan 2024 17:16:36 GMT
age: 3184
last-modified: Tue, 23 Jan 2024 14:15:51 GMT
etag: "39a2852af8c73b0c39a3d45f6ba62bb1"
content-type: text/javascript;charset=UTF-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| GET arkadyczsk.com/wp-content/themes/kizitheme/font/iconfont.ttf?60403388 | 172.67.199.220 | 200 OK | 16 kB |
URL GET HTTP/3 arkadyczsk.com/wp-content/themes/kizitheme/font/iconfont.ttf?60403388 IP 172.67.199.220:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: Let's Encrypt; Subject: arkadyczsk.com; Fingerprint: 4E:0C:EA:37:32:A6:50:95:EB:F5:F8:98:54:B9:65:31:E3:FB:40:16; Validity: Sat, 09 Dec 2023 19:49:30 GMT - Fri, 08 Mar 2024 19:49:29 GMT
File type: TrueType Font data, 10 tables, 1st "OS/2", 18 names, Macintosh, Copyright (C) 2014 by original authors @ fontello.comiconfontRegulariconfonticonfontVersion 1.0i
Hash: 235b2e351e677542d5a99820d9ead18f 0158dbe78971581300a324487c94ac9b8051590b fc64fde0da9df3d6b5e76c52d1526b8e01414d03a570b2615f4769069466ad6c
GET /wp-content/themes/kizitheme/font/iconfont.ttf?60403388 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://arkadyczsk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: application/octet-stream
content-length: 15932
last-modified: Wed, 11 Oct 2023 23:10:23 GMT
vary: Accept-Encoding
etag: "65272b5f-3e3c"
expires: Sun, 25 Feb 2024 10:38:23 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZf0YBWvQ2JB9Al9QeOnnckpTlnqatzNSqjPou6LUnmYzSaDcm6jGgQelFPFAkSVu%2FLN8%2BtYanb5GLP9pO3OATYDV3lDbIfXr5QlOV%2F5s9LeAiWrBYMz5gLP9Y89YvcuUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab553f8dbb50b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | 142.250.74.99 | | 51 kB |
URL fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 IP 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Hash: b904fcdf1c4c6059fadd6893a7bc7619 f41d1674f02616f03ef77d4e84b3ad8ba28a36fc 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 04:35:55 GMT
expires: Fri, 24 Jan 2025 04:35:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
age: 135225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/desktop/54055272/jsbin/scheduler.vflset/scheduler.js | 142.250.74.110 | | 3.7 kB |
URL www.youtube.com/s/desktop/54055272/jsbin/scheduler.vflset/scheduler.js IP 142.250.74.110:0
File type: JavaScript source, ASCII text, with very long lines (516)
Hash: dac3d45d4ce59d457459a8dbfcd30232 946dd6b08eb3cf2d063410f9ef2636d648ddb747 58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0
GET /s/desktop/54055272/jsbin/scheduler.vflset/scheduler.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 3702
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 07:59:23 GMT
expires: Sat, 25 Jan 2025 07:59:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 36617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| GET www.youtube.com/s/desktop/54055272/jsbin/network.vflset/network.js | 142.250.74.110 | 200 OK | 6.2 kB |
URL GET HTTP/3 www.youtube.com/s/desktop/54055272/jsbin/network.vflset/network.js IP 142.250.74.110:443
Requested by: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: C5:94:19:42:28:3A:57:36:10:5E:4A:4E:7B:CE:5E:33:B7:50:8D:89; Validity: Tue, 02 Jan 2024 13:02:52 GMT - Tue, 26 Mar 2024 13:02:51 GMT
File type: JavaScript source, ASCII text, with very long lines (1973)
Hash: ad6aa3451e397522b056e0b8efb6cc27 2b491439bddfd73418cde3ef59b309259c58928e b6ecc4abde3468769ff07bc6f76f694f1e738aef7ef71572bf2d20f5b9d69eb4
GET /s/desktop/54055272/jsbin/network.vflset/network.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 6223
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 14:45:02 GMT
expires: Sat, 25 Jan 2025 14:45:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 12278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/desktop/54055272/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js | 142.250.74.110 | | 15 kB |
URL www.youtube.com/s/desktop/54055272/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js IP 142.250.74.110:0
File typeJavaScript source, ASCII text, with very long lines (715) Hash44ca3d8fd5ff91ed90d1a2ab099ef91e 79b76340ca0781fd98aa5b8fdca9496665810195 c12e3ac9660ae5de2d775a8c52e22610fff7a651fa069cfa8f64675a7b0a6415
GET /s/desktop/54055272/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 15172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Jan 2024 15:04:14 GMT
expires: Thu, 23 Jan 2025 15:04:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 183926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/desktop/54055272/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js | 142.250.74.110 | | 789 B |
URL www.youtube.com/s/desktop/54055272/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js IP 142.250.74.110:0
File typeJavaScript source, ASCII text, with very long lines (511) Hasha94e7cd86f5824e27720f5d3c712df9a 7bf52949685727d7133f452b432a57615e40978f 59ce6bdf8e3d17bb68667499c34a3ec32b9f7836dbca59d03237a4c9fffefd35
GET /s/desktop/54055272/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 03:15:27 GMT
expires: Fri, 24 Jan 2025 03:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 140053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/desktop/54055272/jsbin/webcomponents-sd.vflset/webcomponents-sd.js | 142.250.74.110 | | 23 kB |
URL www.youtube.com/s/desktop/54055272/jsbin/webcomponents-sd.vflset/webcomponents-sd.js IP 142.250.74.110:0
File typeJavaScript source, ASCII text, with very long lines (1210) Hash908e3a26a43d87bac9396377a9c4b6a8 b9ddb61f1d0a4ed930881b909d3a4b01b2e62c7a 417fd55b390293d45901b37398acfc8c3b4fede6a395f541c2ee48f732990d61
GET /s/desktop/54055272/jsbin/webcomponents-sd.vflset/webcomponents-sd.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 22937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 05:32:23 GMT
expires: Sat, 25 Jan 2025 05:32:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 45437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/desktop/54055272/jsbin/intersection-observer.min.vflset/intersection-observer.min.js | 142.250.74.110 | | 2.1 kB |
URL www.youtube.com/s/desktop/54055272/jsbin/intersection-observer.min.vflset/intersection-observer.min.js IP 142.250.74.110:0
File typeJavaScript source, ASCII text, with very long lines (533) Hash936a7c8159737df8dce532f9ea4d38b4 8834ea22eff1bdfd35d2ef3f76d0e552e75e83c5 3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9
GET /s/desktop/54055272/jsbin/intersection-observer.min.vflset/intersection-observer.min.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2090
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 12:20:45 GMT
expires: Sat, 25 Jan 2025 12:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 20935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| serv-selectmedia.com/cdn/player/style.css | 34.107.214.50 | | 571 B |
URL serv-selectmedia.com/cdn/player/style.css IP 34.107.214.50:0
File typeASCII text, with very long lines (1363) Hash9e3710914c2094ea297df539e8b8224f d165b3586b84d7707469ac3e280c826ff9b6c32c 4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09
GET /cdn/player/style.css HTTP/1.1
Host: serv-selectmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrD5c8rcZGC7yUp4JLpZGEONKGwaSyMMnefKQhHQ9RbE5Zk9BRZazMrWMjgFySHaQTpS42YBiTyyw
x-goog-generation: 1660556359399621
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 571
content-encoding: gzip
x-goog-hash: crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 571
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
server: UploadServer
date: Fri, 26 Jan 2024 13:04:11 GMT
age: 18329
last-modified: Mon, 15 Aug 2022 09:39:19 GMT
etag: "3a8d6c993f0a7e34ae07f8e86c31e632"
content-type: text/css
vary: Accept-Encoding
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| serv-selectmedia.com/cdn/player/selectmedia-player.umd.js | 34.107.214.50 | | 47 kB |
URL serv-selectmedia.com/cdn/player/selectmedia-player.umd.js IP 34.107.214.50:0
File typeJavaScript source, ASCII text, with very long lines (35792) Hashfb33aacb33063175c6e28eecb5e5569a 78a8799b872e1d1246e510f4235a091c2848f7f0 a3b8f3a26e791580496fe563692ea058d29baf1548156a808d8d31ea93e38c02
GET /cdn/player/selectmedia-player.umd.js HTTP/1.1
Host: serv-selectmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPqJ83quybpPyvhl4EneslaT-r-CZUKoAxH5KHW-NtEcAxQFSM66W7uhCg51P72YAqhsr0bAhqpqFA
x-goog-generation: 1706090351870861
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 47398
content-encoding: gzip
x-goog-hash: crc32c=V7aa7A==, md5=xSJAGk0QVQ+S7FzWeswnWA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 47398
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 26 Jan 2024 10:02:47 GMT
age: 29213
last-modified: Wed, 24 Jan 2024 09:59:11 GMT
etag: "c522401a4d10550f92ec5cd67acc2758"
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/external_hosted/lottie/lottie_light.js | 142.250.74.3 | | 35 kB |
URL www.gstatic.com/external_hosted/lottie/lottie_light.js IP 142.250.74.3:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64698) Hash4014d049851b4b6ec0ba7eed8872732d 96f2ba0212cce0fd0a9ed9465b7be7414fbc17a1 f885aa9c8ef261689af96cb5f0896db880edb2f6657c390adcbcff2f4056bdb1
GET /external_hosted/lottie/lottie_light.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 35295
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 18:09:40 GMT
expires: Fri, 26 Jan 2024 18:09:40 GMT
cache-control: public, max-age=0
last-modified: Thu, 26 Oct 2023 15:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | | 15 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 07:19:01 GMT
expires: Fri, 24 Jan 2025 07:19:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 125439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/desktop/54055272/jsbin/live_chat_polymer.vflset/live_chat_polymer.js | 142.250.74.110 | | 1.3 MB |
URL www.youtube.com/s/desktop/54055272/jsbin/live_chat_polymer.vflset/live_chat_polymer.js IP 142.250.74.110:0
File type: JavaScript source, ASCII text, with very long lines (65405) | Size: 1.3 MB (1271071 bytes)
Hash: MD5 8fd3eda91d1eba25358a8c192e4dec76 | SHA-1 eb7f46d872c5772802539acee32e4e8acd08b0d0 | SHA-256 532519f3820bfadc15e9331e0b57e888fcb12db2454e3f704be0c7c61d9fadcf
GET /s/desktop/54055272/jsbin/live_chat_polymer.vflset/live_chat_polymer.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 1271071
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 13:25:48 GMT
expires: Sat, 25 Jan 2025 13:25:48 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2024 20:14:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 17032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.99 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 02:57:44 GMT
expires: Fri, 24 Jan 2025 02:57:44 GMT
cache-control: public, max-age=31536000
age: 141116
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| track-selectmedia.com/trackv4/?&d5=premiumhlzaa.miliongames.com&d3=02e0283e-7e2e-49d6-8af8-041b6c5c1e33&d25=82c88cba-c4bb-4011-a39c-0cd9fa88fff7&d23=tag_f762fefc-c922-414d-a4f8-bff7d9fdbf9b&d24=e2b1e1e1-fabf-41c2-8852-6e4c4362a0eb&d2=1706292581&e=0&cb=1706292581741 | 34.117.33.6 | | 0 B |
URL track-selectmedia.com/trackv4/?&d5=premiumhlzaa.miliongames.com&d3=02e0283e-7e2e-49d6-8af8-041b6c5c1e33&d25=82c88cba-c4bb-4011-a39c-0cd9fa88fff7&d23=tag_f762fefc-c922-414d-a4f8-bff7d9fdbf9b&d24=e2b1e1e1-fabf-41c2-8852-6e4c4362a0eb&d2=1706292581&e=0&cb=1706292581741 IP 34.117.33.6:0
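Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the response was 204 No Content with a 0 B body, so they identify no file content and are not usable as indicators)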
GET /trackv4/?&d5=premiumhlzaa.miliongames.com&d3=02e0283e-7e2e-49d6-8af8-041b6c5c1e33&d25=82c88cba-c4bb-4011-a39c-0cd9fa88fff7&d23=tag_f762fefc-c922-414d-a4f8-bff7d9fdbf9b&d24=e2b1e1e1-fabf-41c2-8852-6e4c4362a0eb&d2=1706292581&e=0&cb=1706292581741 HTTP/1.1
Host: track-selectmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin:
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
content-type: application/json
referrer-policy: no-referrer-when-downgrade
date: Fri, 26 Jan 2024 18:09:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| waaw.ac/ad/top/popunder.js | 190.115.19.71 | | 21 B |
URL waaw.ac/ad/top/popunder.js IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
File type: ASCII text, with no line terminators
Hash: MD5 533a813ddb8f84d7e018bf8e6296c44d | SHA-1 8c95af23d5dc502f1bc3395a6d2e339e696c0d3e | SHA-256 a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-reputation verdict on the hostname waaw.ac, not an analysis of this file's content)
GET /ad/top/popunder.js HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/e/yyy?http_referer=&embed_from=embed_from&data_r=bbe9a7ada9fbcde7ee68418363ca8260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| GET sm1.selectmedia.asia/cdn/files/99318599-34d5-4756-9db0-903dfc4e571b | 34.107.214.50 | 200 OK | 437 B |
URL: GET HTTP/2 sm1.selectmedia.asia/cdn/files/99318599-34d5-4756-9db0-903dfc4e571b | IP: 34.107.214.50:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: Google Trust Services LLC | Subject: serv-selectmedia.com | Fingerprint: 49:3A:56:76:F7:43:28:9D:83:5A:1D:AD:98:AF:A3:AC:A4:EE:C8:55 | Validity: Sat, 16 Dec 2023 09:51:01 GMT - Fri, 15 Mar 2024 10:44:14 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: MD5 6aa1a6ed26fe01177bef59dec9c4b467 | SHA-1 d17b13b155a3961b6d03478d5a3a1ca3bfeee9d3 | SHA-256 5cc8c90f7f1e5a16f64312caa810607082fe51bc0962551d15a1f481bcdf48af (the MD5 equals the etag and the x-goog-hash md5 value in the response headers below, so the captured body matches the stored object)
GET /cdn/files/99318599-34d5-4756-9db0-903dfc4e571b HTTP/1.1
Host: sm1.selectmedia.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://premiumhlzaa.miliongames.com/
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrq0DbF4cLsNpe-0i1PmWBBP8nZ9GlTKW3LH0J5p7SIxCdf-iqGJv5mTJPIC2zTmzz_ww5dUh128g
x-goog-generation: 1699549439963958
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 437
x-goog-hash: crc32c=cUJQVw==, md5=aqGm7Sb+ARd771neycS0Zw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 437
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 26 Jan 2024 17:40:34 GMT
age: 1747
last-modified: Thu, 09 Nov 2023 17:03:59 GMT
etag: "6aa1a6ed26fe01177bef59dec9c4b467"
content-type: text/html; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751278_18419.js | 45.133.44.4 | | 104 kB |
URL player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751278_18419.js IP 45.133.44.4:0
ASN#39572 DataWeb Global Group B.V.
File type: gzip compressed data, from Unix | Size: 104 kB (104223 bytes)
Hash: MD5 1cb716a061b2e10ef9bc53b492039488 | SHA-1 97c000b6bee7b52a1385f8c7b7d3cbd1c3d2a63f | SHA-256 36256990108e761d91b0b231ef934247b0d5f223ea0b6dad2f5acce0eea5e949
GET /prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751278_18419.js HTTP/1.1
Host: player.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:41 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Tue, 24 Oct 2023 04:45:12 GMT
etag: W/"65374bd8-4ee18"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 26 Jan 2024 19:09:41 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=11.3.2 | 172.67.199.220 | | 39 kB |
URL arkadyczsk.com/wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=11.3.2 IP 172.67.199.220:0
File typeASCII text, with very long lines (3917), with no line terminators Hash53e8cbb2e68441d512c9c75b94b7b30c 47daa182fd284062afaff8fc1e9b7cd3507aaf64 3051c758d532114cc20d80f740068d14ce113876fba0a6b4b2964e6725ac911d
GET /wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=11.3.2 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/css
last-modified: Tue, 31 Oct 2023 05:07:43 GMT
vary: Accept-Encoding
etag: W/"65408b9f-f4d"
expires: Sat, 27 Jan 2024 10:52:07 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZTpdjzLHXIeiJKPfHBO9CMYq81yA2XQ6slfC%2BG4LrRmRZjuBNvkGnNSHS%2F8AXtmm1EFkydK6k9pBAVoRveq2uc5ktXLUt6GZDfRrWXOT%2FqFfLW5xD4cGol9Lb7esdb10A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbffab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET sm1.selectmedia.asia/cdn/files/99318599-34d5-4756-9db0-903dfc4e571b | 34.107.214.50 | 200 OK | 437 B |
URL: GET HTTP/2 sm1.selectmedia.asia/cdn/files/99318599-34d5-4756-9db0-903dfc4e571b | IP: 34.107.214.50:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: Google Trust Services LLC | Subject: serv-selectmedia.com | Fingerprint: 49:3A:56:76:F7:43:28:9D:83:5A:1D:AD:98:AF:A3:AC:A4:EE:C8:55 | Validity: Sat, 16 Dec 2023 09:51:01 GMT - Fri, 15 Mar 2024 10:44:14 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: MD5 6aa1a6ed26fe01177bef59dec9c4b467 | SHA-1 d17b13b155a3961b6d03478d5a3a1ca3bfeee9d3 | SHA-256 5cc8c90f7f1e5a16f64312caa810607082fe51bc0962551d15a1f481bcdf48af
GET /cdn/files/99318599-34d5-4756-9db0-903dfc4e571b HTTP/1.1
Host: sm1.selectmedia.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://premiumhlzaa.miliongames.com/
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrq0DbF4cLsNpe-0i1PmWBBP8nZ9GlTKW3LH0J5p7SIxCdf-iqGJv5mTJPIC2zTmzz_ww5dUh128g
x-goog-generation: 1699549439963958
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 437
x-goog-hash: crc32c=cUJQVw==, md5=aqGm7Sb+ARd771neycS0Zw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 437
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 26 Jan 2024 17:40:34 GMT
age: 1748
last-modified: Thu, 09 Nov 2023 17:03:59 GMT
etag: "6aa1a6ed26fe01177bef59dec9c4b467"
content-type: text/html; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| waaw.ac/styles/global/segment.css?11 | 190.115.19.71 | | 2.3 kB |
URL waaw.ac/styles/global/segment.css?11 IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
File type: gzip compressed data, from Unix
Hash: MD5 b97348eb94e0441677d6bd622d85aa0c | SHA-1 615f3c86f1b802aff061f65a070c549d8ee261df | SHA-256 715f3cd2398867871b561ed80785ba821035b06e72f733945c457055b4025414
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-reputation verdict on the hostname waaw.ac, not an analysis of this file's content)
GET /styles/global/segment.css?11 HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/e/yyy?http_referer=&embed_from=embed_from&data_r=bbe9a7ada9fbcde7ee68418363ca8260
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Mar 2019 16:12:54 GMT
etag: W/"5c8e7206-268"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
|
|
| arkadyczsk.com/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=11.3.2 | 172.67.199.220 | | 14 kB |
URL arkadyczsk.com/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=11.3.2 IP 172.67.199.220:0
File typeJavaScript source, ASCII text, with very long lines (1198), with no line terminators Hashb707b86c1eedae5e92c0082a7b0d7733 0961f21ddf25ba48af0750350804add1d9644de1 0df6a46bb38d41a80a62a1c510d7047519d4d238e172c7e1ec21d4a5928ff678
GET /wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=11.3.2 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 05:07:43 GMT
vary: Accept-Encoding
etag: W/"65408b9f-4ae"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b6atrYL0ybm67nNIjrwaRnAcCqjt09qihmODs74Z146cu0jvptlClxTe8j0Zt%2BusZHrgtP0vJK1vxKcr9dzZiRPu7p95B%2FwhjqufJiQ%2FfyeQD%2FUi25veCbAOR5qDQygcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbfb9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://waaw.ac
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 12:19:41 GMT
expires: Sat, 25 Jan 2025 12:19:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 21001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| commentsmodule.com/js/js.load.1.js?4052257419090800 | 104.21.44.89 | | 0 B |
URL commentsmodule.com/js/js.load.1.js?4052257419090800 IP 104.21.44.89:0
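Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B body and content-length: 0 of this response; they identify no payload and are not usable as file indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host name commentsmodule.com, not on the empty response body)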
GET /js/js.load.1.js?4052257419090800 HTTP/1.1
Host: commentsmodule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://waaw.ac/
Origin: https://waaw.ac
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:42 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 5573943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ3L%2FtxRAAmZILC4WxyjxdJEy0aoIEFhgDwyVveXOpNFXnN9CWvPqHDNgosmAK%2BJQOlZueKIMq%2FgZCiZi6JBheFsxAk1gWNlFKbLuYs7QtAinuo7h%2Br6R42K8ipStBpd3pbmDG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 84bab55ed9120b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| player.aplhb.adipolo.com/prebidlink/9l8v9/hbw_master_751278_18419.js | 45.133.44.4 | | 175 kB |
URL player.aplhb.adipolo.com/prebidlink/9l8v9/hbw_master_751278_18419.js IP 45.133.44.4:0
ASN#39572 DataWeb Global Group B.V.
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size175 kB (175278 bytes) Hashbc3832375c2e3d5c9ab6c54d49948702 f990b7bffbd0e49ded77956236da886c26ee910c c8d7bdf59c39e6a4c4a36e6c74aa81ea8e68c6fbeac4a4c7ab88a4720816586a
GET /prebidlink/9l8v9/hbw_master_751278_18419.js HTTP/1.1
Host: player.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:41 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 24 Jan 2024 09:37:10 GMT
etag: W/"65b0da46-2019e"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 26 Jan 2024 19:09:41 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 317 B |
URL zerossl.ocsp.sectigo.com/ IP 172.64.149.23:0
Hashe742f8ae93f3d84bfb7579f69eb7a13a e271f1fa28f1fe111c98dd2b9c56d5f6a9ade0dd 706cdac6f70b12bc74805d9edf9158e050e61be8128cfde18de0c8c6431503d2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2024 18:09:42 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Fri, 26 Jan 2024 16:04:15 GMT
Expires: Fri, 02 Feb 2024 16:04:14 GMT
Etag: "e271f1fa28f1fe111c98dd2b9c56d5f6a9ade0dd"
Cache-Control: max-age=597958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 84bab55f2de5b500-OSL
|
|
| waaw.ac/cdn-cgi/trace | 190.115.19.71 | | 146 B |
IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
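File type: HTML document, ASCII text, with CRLF line terminators Hash (MD5 / SHA-1 / SHA-256): 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 (the hashed body is the 146 B page returned with the 404 Not Found status below)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host name waaw.ac, not on this response body)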
GET /cdn-cgi/trace HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/e/yyy?http_referer=&embed_from=embed_from&data_r=bbe9a7ada9fbcde7ee68418363ca8260
Cookie: uid=gD_tLOE3_RY096wJlb-c*q_T3DR9c*9H
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 26 Jan 2024 18:09:42 GMT
content-type: text/html; charset=UTF-8
content-length: 146
x-origin-location: /
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: /
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 317 B |
URL zerossl.ocsp.sectigo.com/ IP 172.64.149.23:0
Hashe742f8ae93f3d84bfb7579f69eb7a13a e271f1fa28f1fe111c98dd2b9c56d5f6a9ade0dd 706cdac6f70b12bc74805d9edf9158e050e61be8128cfde18de0c8c6431503d2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2024 18:09:42 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Fri, 26 Jan 2024 16:04:15 GMT
Expires: Fri, 02 Feb 2024 16:04:14 GMT
Etag: "e271f1fa28f1fe111c98dd2b9c56d5f6a9ade0dd"
Cache-Control: max-age=598093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 84bab55f28e11c0e-OSL
|
|
| waaw.ac/js/websocket_ip.min.js | 190.115.19.71 | | 1.6 kB |
URL waaw.ac/js/websocket_ip.min.js IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
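File type: gzip compressed data, from Unix Hash (MD5 / SHA-1 / SHA-256): 4c64e63fbabda075d22206d85a8bd3de 5f2f961511cab27bd89d19e73db248bc889d5acb 3975d5a1ea633e26e1a3a4a525292a45e3731c9497784cf84d5f8d427b47d767 (the file type indicates the body was stored still gzip-encoded, see content-encoding: gzip below, so these digests appear to cover the compressed bytes; a decoded copy of the script would hash differently)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host name waaw.ac, not on this response body)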
GET /js/websocket_ip.min.js HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/e/yyy?http_referer=&embed_from=embed_from&data_r=bbe9a7ada9fbcde7ee68418363ca8260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
|
|
| adxbid.info/miliongames_vignette.js | 172.67.138.13 | | 165 kB |
URL adxbid.info/miliongames_vignette.js IP 172.67.138.13:0
File type: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size: 165 kB (164783 bytes) Hash (MD5 / SHA-1 / SHA-256): 88e7ed36fa81bda717d7130b3c0e89aa 77c12e03cbb62a6f95f2d5d30cde40cdcef5b9d2 1692a8181f51a0e698d5a41560b930a0c6c79f7ae61b6cacace5f11790c5cf0a
Analyzer: Public Nextron YARA rules | Verdict: malware | Alert: Unique code from Jetriz, Swid & Jeniva of the Tetris framework (a YARA signature match on the body of this response)
GET /miliongames_vignette.js HTTP/1.1
Host: adxbid.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: application/javascript
last-modified: Wed, 17 Jan 2024 15:50:01 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 5743
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByfIs%2Fr88fx7bPb6UYlOjPqrEVuLrww9pRIvag5Z6K2x%2Fcl85YkERe8QuzauhzQCm6Iwld9z0qGf6bxujp8OMyQHDQ8LL8uOlGSjFRBI2%2BHS9PIZK2Xl%2BJyzcUDqqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 84bab55549b356cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/feedback/js/help/prod/service/lazy.min.js | 142.250.74.3 | | 37 kB |
URL www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP 142.250.74.3:0
File typeJavaScript source, ASCII text, with very long lines (3910) Hash76079d4916429d41076cf7fab59a4ded f89886f29dbd88a11f965f2e87bbfd9a1f237199 ed0e2f9f2a1f3571850ff20bb33952403ad424cca452a472c2736eb9014d73d4
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 37052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:59:04 GMT
expires: Fri, 26 Jan 2024 18:49:04 GMT
cache-control: public, max-age=3000
last-modified: Thu, 25 Jan 2024 19:14:39 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| track-selectmedia.com/trackv4/?&d3=02e0283e-7e2e-49d6-8af8-041b6c5c1e33&d4=e2b1e1e1-fabf-41c2-8852-6e4c4362a0eb&d2=1706292581&d5=miliongames.com&d28=1746&d33=4&d34=-1&d35=1&d36=7&d37=6&d38=0&d40=4&cb=1706292583707-ed03c888-ba6f-411f-be9f-970adcfb471c&e=85 | 34.117.33.6 | | 0 B |
URL track-selectmedia.com/trackv4/?&d3=02e0283e-7e2e-49d6-8af8-041b6c5c1e33&d4=e2b1e1e1-fabf-41c2-8852-6e4c4362a0eb&d2=1706292581&d5=miliongames.com&d28=1746&d33=4&d34=-1&d35=1&d36=7&d37=6&d38=0&d40=4&cb=1706292583707-ed03c888-ba6f-411f-be9f-970adcfb471c&e=85 IP 34.117.33.6:0
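Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B body of the 204 No Content response below; they are not usable as file indicators)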
GET /trackv4/?&d3=02e0283e-7e2e-49d6-8af8-041b6c5c1e33&d4=e2b1e1e1-fabf-41c2-8852-6e4c4362a0eb&d2=1706292581&d5=miliongames.com&d28=1746&d33=4&d34=-1&d35=1&d36=7&d37=6&d38=0&d40=4&cb=1706292583707-ed03c888-ba6f-411f-be9f-970adcfb471c&e=85 HTTP/1.1
Host: track-selectmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin:
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
content-type: application/json
referrer-policy: no-referrer-when-downgrade
date: Fri, 26 Jan 2024 18:09:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/youtube/img/emojis/emojis-svg-9.json | 142.250.74.3 | | 48 kB |
URL www.gstatic.com/youtube/img/emojis/emojis-svg-9.json IP 142.250.74.3:0
Hash44dbde1a816ec0caabb15886f64a5337 c88ff7242f06fa1f088194fd0bacf86f7b252fc7 65b1b111ff3ac107abc55c4d1643cfe058d0e987b510e5b227ea7670c1f3dbdc
GET /youtube/img/emojis/emojis-svg-9.json HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://www.youtube.com
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube-sponsors-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="youtube-sponsors-team"
report-to: {"group":"youtube-sponsors-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-sponsors-team"}]}
content-length: 47551
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 06:43:23 GMT
expires: Fri, 24 Jan 2025 06:43:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Mar 2022 17:08:00 GMT
content-type: application/json
vary: Accept-Encoding, Origin
age: 127580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| POST sghb.aplhb.adipolo.com/adunit/multitracking | 185.239.172.170 | 204 No Content | 0 B |
URL: POST (HTTP/1.1) sghb.aplhb.adipolo.com/adunit/multitracking IP: 185.239.172.170:443
Requested by: https://premiumhlzaa.miliongames.com/highlights Certificate: Issuer: ZeroSSL Subject: sghb.aplhb.adipolo.com Fingerprint: DF:54:D9:55:B7:4D:AD:FD:A6:6C:0E:BE:20:C5:1A:4A:6D:2F:7E:88 Validity: Mon, 22 Jan 2024 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they describe the empty 204 No Content response; the 3892-byte request body announced by Content-Length below is not shown in this record)
POST /adunit/multitracking HTTP/1.1
Host: sghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3892
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: fasthttp
Date: Fri, 26 Jan 2024 18:09:43 GMT
Access-Control-Allow-Origin: https://premiumhlzaa.miliongames.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 | 142.250.74.99 | | 12 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 IP 142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 11804, version 1.0 Hash16aedbf057fbb3da342211de2d071f11 fdee07631b40b264208caa8714faaa5b991d987b 7566a2f09ff8534334b7a44f72a1afaba6bdbb782209be8804636ee8b963c75f
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 15:50:50 GMT
expires: Sat, 25 Jan 2025 15:50:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:58 GMT
content-type: font/woff2
age: 8333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.99 | 200 OK | 12 kB |
URL: GET (HTTP/3) fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP: 142.250.74.99:443
Requested by: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1 Certificate: Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 4C:E1:1E:E3:63:49:81:BB:F5:53:CE:44:91:07:8A:14:84:70:7F:66 Validity: Tue, 02 Jan 2024 13:09:26 GMT - Tue, 26 Mar 2024 13:09:25 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11936, version 1.0 Hash (MD5 / SHA-1 / SHA-256): 15d8ede0a816bc7a9838207747c6620c f6e2e75f1277c66e282553ae6a22661e51f472b8 dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 12:43:22 GMT
expires: Fri, 24 Jan 2025 12:43:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
age: 105981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/gaming/emoji/0f0cae22/emoji_u1f600.svg | 142.250.74.110 | | 1.4 kB |
URL www.youtube.com/s/gaming/emoji/0f0cae22/emoji_u1f600.svg IP 142.250.74.110:0
File typeSVG Scalable Vector Graphics image Hash7adf9ad1798d809c8dc543fecba9a23c ab68df5e930ef2353f8a4dfe44c5b62c08633468 da9fce2cf1c75f7aa3f1b1c8b309caddb553e4c5ea0c9e9011c4f63b4ee13059
GET /s/gaming/emoji/0f0cae22/emoji_u1f600.svg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 1413
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 10:01:53 GMT
expires: Fri, 24 Jan 2025 10:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Mar 2022 22:36:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 115671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.GsbA68hXs80.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo899t-H8Lxb3OqzMDuPn6TV_i36ag/cb=gapi.loaded_0 | 142.250.74.110 | | 89 kB |
URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.GsbA68hXs80.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo899t-H8Lxb3OqzMDuPn6TV_i36ag/cb=gapi.loaded_0 IP 142.250.74.110:0
File typeJavaScript source, ASCII text, with very long lines (1505) Hashdad3436f81564f8ce28852f795e7fd85 145e35840a2430f8cf1ca53073af1178f0e1f83c 9dd086d7e9a3579caf4884525a84be114c1eb56280030592b3dc5aa2c9c547a8
GET /_/scs/abc-static/_/js/k=gapi.gapi.en.GsbA68hXs80.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo899t-H8Lxb3OqzMDuPn6TV_i36ag/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 88767
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 03:55:10 GMT
expires: Sat, 25 Jan 2025 03:55:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 17:20:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 51274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/gaming/emoji/7ff574f2/emoji_u2764.svg | 142.250.74.110 | | 611 B |
URL www.youtube.com/s/gaming/emoji/7ff574f2/emoji_u2764.svg IP 142.250.74.110:0
File typeSVG Scalable Vector Graphics image Hash195273bea7dae825c7f9f0162395537a 8693d277f6c3612f7710501159799e793b7fdc44 4898de6379443cb7d32c1571c03e6e1dd10146d586dc1c530542a4e2f28d7f2f
GET /s/gaming/emoji/7ff574f2/emoji_u2764.svg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 15:03:13 GMT
expires: Sat, 25 Jan 2025 15:03:13 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Nov 2020 21:15:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 11191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt4.ggpht.com/ytc/AIf8zZTQQsbZYHp7I74pB_exZhnhTxqTIl5-elybtctZ=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.2 kB |
URL yt4.ggpht.com/ytc/AIf8zZTQQsbZYHp7I74pB_exZhnhTxqTIl5-elybtctZ=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3 Hashb0fa363ca3bf0f941df0bb459bd79aed 04762f31ec3ffb44158a2cd402d13f47b2bfee96 42758a92576cf4d1d954f95880fd3dfd4402826db6f749dcbbe6ec115730a66c
GET /ytc/AIf8zZTQQsbZYHp7I74pB_exZhnhTxqTIl5-elybtctZ=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1191
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:25:23 GMT
expires: Sat, 27 Jan 2024 17:25:23 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7"
content-type: image/jpeg
vary: Origin
age: 2661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZSGOMgtaN3bGvuOkmIz_nCM71E4N-0OCloU-f-J=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.2 kB |
URL yt4.ggpht.com/ytc/AIf8zZSGOMgtaN3bGvuOkmIz_nCM71E4N-0OCloU-f-J=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3 Hash77cbac0e5909a8f1c868b23b34a0f022 695d3cd7362a18af9ca65316b094a9c9c28f82c4 49237a18b0d0f97de9fb4297ec6d12bb65fa9da8ed3f20274270de3d941a8516
GET /ytc/AIf8zZSGOMgtaN3bGvuOkmIz_nCM71E4N-0OCloU-f-J=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1153
x-xss-protection: 0
date: Fri, 26 Jan 2024 18:01:13 GMT
expires: Sat, 27 Jan 2024 18:01:13 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7f"
content-type: image/jpeg
vary: Origin
age: 511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZRPbZNV-c3fBBkw_qtmtNtJmeazdr0drrMk_jf3=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 876 B |
URL yt4.ggpht.com/ytc/AIf8zZRPbZNV-c3fBBkw_qtmtNtJmeazdr0drrMk_jf3=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3 Hash5d40863cec4e0b2ee95d779a28e7c94f 03b2aea27a200390a1ebbbc9e46e210b942a9b8a f892a7a93f5c5bc281d838f42c5462cc46604437ebf60a368d3ee26c764f68a4
GET /ytc/AIf8zZRPbZNV-c3fBBkw_qtmtNtJmeazdr0drrMk_jf3=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 876
x-xss-protection: 0
date: Fri, 26 Jan 2024 18:03:22 GMT
expires: Sat, 27 Jan 2024 18:03:22 GMT
cache-control: public, max-age=86400, no-transform
etag: "v10"
content-type: image/jpeg
vary: Origin
age: 382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZRBEmEYucGe6KsbCU_qpf64z9YLXxdWFZ3mFIYyTd9gFponImuRdIXx1bea1F2j=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 524 B |
URL yt4.ggpht.com/ytc/AIf8zZRBEmEYucGe6KsbCU_qpf64z9YLXxdWFZ3mFIYyTd9gFponImuRdIXx1bea1F2j=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3 Hashcff1e229844818d3cb788676b5915b6d 827af3b5a29f9a10bbfa945ea447346f1539ad43 e0ca921f670cc3b6c7d3818187fa45b7b21102c3669d85bca61a79b8d02754a9
GET /ytc/AIf8zZRBEmEYucGe6KsbCU_qpf64z9YLXxdWFZ3mFIYyTd9gFponImuRdIXx1bea1F2j=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 524
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:56:12 GMT
expires: Sat, 27 Jan 2024 17:56:12 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/lUZxjinwergh7gk1S-eXgtmUl1UOOLYoWS4P4tofRuH16CMojpVIjbaSABMozl2WGTi3u_k8080=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.5 kB |
URL yt4.ggpht.com/lUZxjinwergh7gk1S-eXgtmUl1UOOLYoWS4P4tofRuH16CMojpVIjbaSABMozl2WGTi3u_k8080=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: ec1c20ccb42b33aa9733970a91ea166b ccfb1bd05d8e1f32623a9040a944a57ab061193b 8239ad575f0944ab900886f4ce8818cbfaf97a441a8827f2350111b7203c17d6
GET /lUZxjinwergh7gk1S-eXgtmUl1UOOLYoWS4P4tofRuH16CMojpVIjbaSABMozl2WGTi3u_k8080=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1475
x-xss-protection: 0
date: Fri, 26 Jan 2024 18:02:35 GMT
expires: Sat, 27 Jan 2024 18:02:35 GMT
cache-control: public, max-age=86400, no-transform
age: 429
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZRhmMT57eonimkE9eAREXEbHp9PxQxNnlq2WMqoBw=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.0 kB |
URL yt4.ggpht.com/ytc/AIf8zZRhmMT57eonimkE9eAREXEbHp9PxQxNnlq2WMqoBw=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3
Hash: 69763284e822b794d64af841d1258183 dc2aa82d578a55d85f3575e7d6033fff8324fd8e a476a5e51f489e0435af637d145ca75d24b3e1cf80dc4f844a198bb9a2633858
GET /ytc/AIf8zZRhmMT57eonimkE9eAREXEbHp9PxQxNnlq2WMqoBw=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1024
x-xss-protection: 0
date: Fri, 26 Jan 2024 14:55:31 GMT
expires: Sat, 27 Jan 2024 14:55:31 GMT
cache-control: public, max-age=86400, no-transform
etag: "v9e"
content-type: image/jpeg
vary: Origin
age: 11653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/CPRTr-sncpRn_xGSSE0iLur4sdGQJVAobWcEpcIrAyZxf4rdSgwIsRRH8-lNPm_C35KwshLP=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.1 kB |
URL yt4.ggpht.com/CPRTr-sncpRn_xGSSE0iLur4sdGQJVAobWcEpcIrAyZxf4rdSgwIsRRH8-lNPm_C35KwshLP=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 27c6067448e738d8bb5801e42c7972e6 fe3fa30d801585ac51e5aa705b474b563e3e4ea7 65c0aa76c74f8945416d17ef1f2e766c23ff0602be71909af05649aae5e13dc2
GET /CPRTr-sncpRn_xGSSE0iLur4sdGQJVAobWcEpcIrAyZxf4rdSgwIsRRH8-lNPm_C35KwshLP=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1069
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:40:39 GMT
expires: Sat, 27 Jan 2024 17:40:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 1745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/0hm5w9XhSgY0xDSHoIkN9iHmDddfAeTGZhSFscxTDAzEgcKrFyNLrJBneoihgFvny1nkGl2T7g=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.2 kB |
URL yt4.ggpht.com/0hm5w9XhSgY0xDSHoIkN9iHmDddfAeTGZhSFscxTDAzEgcKrFyNLrJBneoihgFvny1nkGl2T7g=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 1256b9d594d88912243b9e2646f72100 b2b933e22affcc2fb323adea31f1a7b595bb661d f0e26ad13e788042b42bf88ca95f1998e7932869dbd1a4c3dc197ab362a49ddd
GET /0hm5w9XhSgY0xDSHoIkN9iHmDddfAeTGZhSFscxTDAzEgcKrFyNLrJBneoihgFvny1nkGl2T7g=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1193
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:51:37 GMT
expires: Sat, 27 Jan 2024 17:51:37 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 1087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| GET arkadyczsk.com/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.3.2 | 172.67.199.220 | 200 OK | 1.7 kB |
URL: GET HTTP/2 arkadyczsk.com/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.3.2 IP: 172.67.199.220:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: Let's Encrypt; Subject: arkadyczsk.com; Fingerprint: 4E:0C:EA:37:32:A6:50:95:EB:F5:F8:98:54:B9:65:31:E3:FB:40:16; Validity: Sat, 09 Dec 2023 19:49:30 GMT - Fri, 08 Mar 2024 19:49:29 GMT
File type: ASCII text, with very long lines (727), with no line terminators
Hash: 63e1bb4a9241f930d4e4ffa311853a17 6873b626591957d56e8d53a921837aaa982c7fc9 83777842e1d7a8a995b3013c4e5df77e513327e0fbe3a40cad620e3614aabc41
GET /wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.3.2 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: text/css
last-modified: Tue, 31 Oct 2023 05:07:43 GMT
vary: Accept-Encoding
etag: W/"65408b9f-2d7"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUK%2FDOBVX9sw8VpU1y7k%2BZaPrgAVzvH9cHE6E98mPRPFJRU%2BCl53JW19LF%2Bfq0CL4bmiD1PR9SZUyoaqWChLDG5WUu9vORrR1%2BG1zNBEzUBnXipziJYLap4ltggFzctkfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbff2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| waaw.ac/styles/cbv2new/theme/main.css?232 | 190.115.19.71 | | 22 kB |
URL waaw.ac/styles/cbv2new/theme/main.css?232 IP 190.115.19.71:0
ASN: #262254 DDOS-GUARD CORP.
File type: gzip compressed data, from Unix
Hash: e95be61db438780a22e109ba9d335ee0 09950988a8d04036ffd694b267ae0e07657cda61 20ae67743a58cf0d3c63117ddd46782217dd9ed619254c320140003780fe2867
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /styles/cbv2new/theme/main.css?232 HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/f/MJcrktS91uFtPongo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:37 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Mar 2022 09:09:58 GMT
etag: W/"623ed866-148e9"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
|
|
| GET yt4.ggpht.com/ytc/AIf8zZT6BSGk81J0bPMROeBotor11hTiDkcrmvwSYlk_6zE=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | 200 OK | 1.1 kB |
URL: GET HTTP/2 yt4.ggpht.com/ytc/AIf8zZT6BSGk81J0bPMROeBotor11hTiDkcrmvwSYlk_6zE=s32-c-k-c0x00ffffff-no-rj IP: 142.250.74.65:443
Requested by: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Certificate: Issuer: Google Trust Services LLC; Subject: *.googleusercontent.com; Fingerprint: 4B:81:73:84:47:16:3C:BE:C7:E3:E1:39:7F:E3:BC:B2:1D:54:DE:0D; Validity: Tue, 02 Jan 2024 13:08:17 GMT - Tue, 26 Mar 2024 13:08:16 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3
Hash: 9aa177810dade80bbe86d9ffb2627e9d 3a14c13769919e8c9c385d1b72f83b09c7c197a4 01bc51ed4f8cd1b20706135fc55a15c33599b4cb638d5aeae6b6568f8164bb03
GET /ytc/AIf8zZT6BSGk81J0bPMROeBotor11hTiDkcrmvwSYlk_6zE=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1099
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:54:45 GMT
expires: Sat, 27 Jan 2024 17:54:45 GMT
cache-control: public, max-age=86400, no-transform
etag: "vf958"
content-type: image/jpeg
vary: Origin
age: 899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/RdncW3oSso_9wzQqy-jfVABm7GBPdAfKRYQ-hFKcTtHpJB3PVc3pftGpccDsTLQ9mgwbU35sXw=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.1 kB |
URL yt4.ggpht.com/RdncW3oSso_9wzQqy-jfVABm7GBPdAfKRYQ-hFKcTtHpJB3PVc3pftGpccDsTLQ9mgwbU35sXw=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: c3d99fcdb7b5973f691b6615d80e4a82 7d1c8f43fab622a51a76189fa2fa8c8a36326a27 84aa3e30ba8aff02f4faa0b2e0528d68f74da48436217ad4556e77681383fda4
GET /RdncW3oSso_9wzQqy-jfVABm7GBPdAfKRYQ-hFKcTtHpJB3PVc3pftGpccDsTLQ9mgwbU35sXw=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1055
x-xss-protection: 0
date: Fri, 26 Jan 2024 14:13:12 GMT
expires: Sat, 27 Jan 2024 14:13:12 GMT
cache-control: public, max-age=86400, no-transform
age: 14192
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| GET yt4.ggpht.com/ytc/AIf8zZQLepN-_v1fuIX83l8AJmUz5ZdHmNwtphdVUex2FNUtMCADxv-iBlyuzbnkM-uy=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | 200 OK | 637 B |
URL: GET HTTP/2 yt4.ggpht.com/ytc/AIf8zZQLepN-_v1fuIX83l8AJmUz5ZdHmNwtphdVUex2FNUtMCADxv-iBlyuzbnkM-uy=s32-c-k-c0x00ffffff-no-rj IP: 142.250.74.65:443
Requested by: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Certificate: Issuer: Google Trust Services LLC; Subject: *.googleusercontent.com; Fingerprint: 4B:81:73:84:47:16:3C:BE:C7:E3:E1:39:7F:E3:BC:B2:1D:54:DE:0D; Validity: Tue, 02 Jan 2024 13:08:17 GMT - Tue, 26 Mar 2024 13:08:16 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 457a1534906dc27dc4d69d30baa7cd53 f8d592df23f29f06ccc102a344d7f7e1242b8d83 510b6034cdcefd75f79b65aa15c6e8ea62cbab0eafebd7896fa3696e2adf1ed0
GET /ytc/AIf8zZQLepN-_v1fuIX83l8AJmUz5ZdHmNwtphdVUex2FNUtMCADxv-iBlyuzbnkM-uy=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 637
x-xss-protection: 0
date: Fri, 26 Jan 2024 18:08:50 GMT
expires: Sat, 27 Jan 2024 18:08:50 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZTvQPXfBMLeCSkiDK0FumI7LXwGCYO3VD-x6qaXRw=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.2 kB |
URL yt4.ggpht.com/ytc/AIf8zZTvQPXfBMLeCSkiDK0FumI7LXwGCYO3VD-x6qaXRw=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3
Hash: 370190935ea0e453f4a65e12db40f088 c485d163f48f04ba41f29324b52d8934c36942dc eca80d43497776df2343a3ae18fadf64b7eb95712cc10f27550b747e655613d3
GET /ytc/AIf8zZTvQPXfBMLeCSkiDK0FumI7LXwGCYO3VD-x6qaXRw=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1197
x-xss-protection: 0
date: Fri, 26 Jan 2024 16:45:57 GMT
expires: Sat, 27 Jan 2024 16:45:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v115"
content-type: image/jpeg
vary: Origin
age: 5027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/Cu4K6CJi9wiMypTcpwONPn3g0tnlFDbQC85hSYKSNJF0aAs9iYz6fLBIPsUUvSVdzPcEVT9J=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.2 kB |
URL yt4.ggpht.com/Cu4K6CJi9wiMypTcpwONPn3g0tnlFDbQC85hSYKSNJF0aAs9iYz6fLBIPsUUvSVdzPcEVT9J=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: 3e74482d12b21cc64cf6e0d063b5d2f2 3a3b22110885182aa13a95658c76d80e75f71581 4aed43703855dd9b56e744b9374af51fbce00f0c73fddeac7fa08cbf22c18f69
GET /Cu4K6CJi9wiMypTcpwONPn3g0tnlFDbQC85hSYKSNJF0aAs9iYz6fLBIPsUUvSVdzPcEVT9J=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1164
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:21:45 GMT
expires: Sat, 27 Jan 2024 17:21:45 GMT
cache-control: public, max-age=86400, no-transform
age: 2879
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZT6ocq_0g45zy44NrnMm6Soas053d1Yf_ngfsXq=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.3 kB |
URL yt4.ggpht.com/ytc/AIf8zZT6ocq_0g45zy44NrnMm6Soas053d1Yf_ngfsXq=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 32x32, components 3
Hash: 66c34062523e077b37264ab6c5025997 2a7ef9154664b3d20a75e7454a11ac3bdd03080a 53a87ae5937b1554ca0d2bd21d5552b64aaea923c8326a65784e33a76950c807
GET /ytc/AIf8zZT6ocq_0g45zy44NrnMm6Soas053d1Yf_ngfsXq=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1334
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:33:44 GMT
expires: Sat, 27 Jan 2024 17:33:44 GMT
cache-control: public, max-age=86400, no-transform
etag: "v54"
content-type: image/jpeg
vary: Origin
age: 2160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZR01M1mxNWCFaGE8MlbueBSf8sNhknn_NqDlA=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 578 B |
URL yt4.ggpht.com/ytc/AIf8zZR01M1mxNWCFaGE8MlbueBSf8sNhknn_NqDlA=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: a536108eabc5a14a019c1ab437b8337f 658a46f97fa1196e685fb405d40d257a88474567 527f21ee64e0861b8838868d9a630d90f6c8d8f2e18338f82b6c1e93b26839d9
GET /ytc/AIf8zZR01M1mxNWCFaGE8MlbueBSf8sNhknn_NqDlA=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 578
x-xss-protection: 0
date: Fri, 26 Jan 2024 17:55:45 GMT
expires: Sat, 27 Jan 2024 17:55:45 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZQ6EtPIY0MYnDIGpJI1LpNeBM_5Sn70ztcPu4l_=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 1.2 kB |
URL yt4.ggpht.com/ytc/AIf8zZQ6EtPIY0MYnDIGpJI1LpNeBM_5Sn70ztcPu4l_=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: d736bbc725866a7778be367f59942b33 e14f26f2ac3886acf2fc95cff6ff87960f27f40e 6f22aedf45da25f82081f6e4f1c6358c38da497ca7d02cb47f8b23b703be8051
GET /ytc/AIf8zZQ6EtPIY0MYnDIGpJI1LpNeBM_5Sn70ztcPu4l_=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1231
x-xss-protection: 0
date: Fri, 26 Jan 2024 15:05:47 GMT
expires: Sat, 27 Jan 2024 15:05:47 GMT
cache-control: public, max-age=86400, no-transform
age: 11037
etag: "v13"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt4.ggpht.com/ytc/AIf8zZS2ZHDFWdRAK5dNC5b-0X2jYTjKKMdQNdEoUYchAuvfQ3W58FiRFq7WfyO6Dati=s32-c-k-c0x00ffffff-no-rj | 142.250.74.65 | | 553 B |
URL yt4.ggpht.com/ytc/AIf8zZS2ZHDFWdRAK5dNC5b-0X2jYTjKKMdQNdEoUYchAuvfQ3W58FiRFq7WfyO6Dati=s32-c-k-c0x00ffffff-no-rj IP 142.250.74.65:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3
Hash: b85191cff11c41d5408ad24267552920 0f388e76fe7071293f915a47fef7f39a4a75c00a 185fe864c335d0df74d11cb67baf7751e1f64630561822e5cb350eea87b58f89
GET /ytc/AIf8zZS2ZHDFWdRAK5dNC5b-0X2jYTjKKMdQNdEoUYchAuvfQ3W58FiRFq7WfyO6Dati=s32-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt4.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 553
x-xss-protection: 0
date: Fri, 26 Jan 2024 14:28:59 GMT
expires: Sat, 27 Jan 2024 14:28:59 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 13245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-back/v1/24px.svg | 142.250.74.3 | | 127 B |
URL www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-back/v1/24px.svg IP 142.250.74.3:0
File type: SVG Scalable Vector Graphics image
Hash: a4acef1ea251d74c737281d4b0848e20 811f4ffbd4fca96edef838cb8c3155a3137eac4a 052c15676e8072a7124963c43d1057cf85f781cbdbe604d7aed078869cdce1a0
GET /youtube/img/icons/web/youtube_outline/arrow-back/v1/24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 127
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Jan 2024 16:21:45 GMT
expires: Wed, 22 Jan 2025 16:21:45 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 265680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/youtube_outline/arrow_down/v2/24px.svg | 142.250.74.99 | | 158 B |
URL fonts.gstatic.com/s/i/youtube_outline/arrow_down/v2/24px.svg IP 142.250.74.99:0
File type: SVG Scalable Vector Graphics image
Hash: 9c452955a4281f736c8786f3c0876419 104d443b65c15a1ca934fa449520dc81d3c067df 5968b4c826f14a991a83b0ff27573bd4a20fd5bb16f79140d399c2e7413bed10
GET /s/i/youtube_outline/arrow_down/v2/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 158
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 06:36:29 GMT
expires: Fri, 24 Jan 2025 06:36:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 02:13:44 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 127996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/youtube_outline/x_mark/v4/24px.svg | 142.250.74.99 | | 181 B |
URL fonts.gstatic.com/s/i/youtube_outline/x_mark/v4/24px.svg IP 142.250.74.99:0
File type: SVG Scalable Vector Graphics image
Hash: 05a720716d71f9f56d6c0e5c4b47680a d24611c11e8cc3b158eb518f2298d1e35ce03e48 b90706d55c1e8b616bf8d677c195d09af8aa75bc669ba3a36a25480ca86f6926
GET /s/i/youtube_outline/x_mark/v4/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 181
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 14:45:01 GMT
expires: Sat, 25 Jan 2025 14:45:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 02:13:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 12284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| GET www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-forward/v1/24px.svg | 142.250.74.3 | 200 OK | 119 B |
URL: GET HTTP/3 www.gstatic.com/youtube/img/icons/web/youtube_outline/arrow-forward/v1/24px.svg IP: 142.250.74.3:443
Requested by: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 4C:E1:1E:E3:63:49:81:BB:F5:53:CE:44:91:07:8A:14:84:70:7F:66; Validity: Tue, 02 Jan 2024 13:09:26 GMT - Tue, 26 Mar 2024 13:09:25 GMT
File type: SVG Scalable Vector Graphics image
Hash: 0c670bae0de947b12873c0196253d69d 337a38e7416ed4ba85fa318b559531025a4ad0d2 bdbcd13010ab15b22fd1abcc9aec5beef8d2ca6cd8eeb12a46b10f43ab2c3b69
GET /youtube/img/icons/web/youtube_outline/arrow-forward/v1/24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 119
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Jan 2024 22:14:08 GMT
expires: Thu, 23 Jan 2025 22:14:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Feb 2023 23:38:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 158137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/youtube_outline/face_very_happy/v7/24px.svg | 142.250.74.99 | | 433 B |
URL fonts.gstatic.com/s/i/youtube_outline/face_very_happy/v7/24px.svg IP 142.250.74.99:0
File type: SVG Scalable Vector Graphics image
Hash: 2fe981d9e1e828c136220197e892aa63 16fccf2913f64e4a84f58d9a207f9b84fa6bb5d6 356698efd09203e102c0d2df8f7fbbd5f4a6ca5ba756a1f2ae82b1a01ae63ac6
GET /s/i/youtube_outline/face_very_happy/v7/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 433
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 05:55:45 GMT
expires: Fri, 24 Jan 2025 05:55:45 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 09 Jun 2023 21:48:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 130440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| GET premiumhlzaa.miliongames.com/adasync.txt | 172.67.170.64 | 302 Found | 59 kB |
URL: GET HTTP/3 premiumhlzaa.miliongames.com/adasync.txt | IP: 172.67.170.64:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: Google Trust Services LLC | Subject: miliongames.com | Fingerprint: 85:6D:15:E0:66:A8:94:D2:0E:63:C9:42:E3:99:B5:E4:D5:84:27:3B | Validity: Thu, 25 Jan 2024 21:31:10 GMT - Wed, 24 Apr 2024 21:31:09 GMT
Hash: MD5 d26dcb447375291b48d0473199e46844 | SHA-1 675369c4cc402191b670e35b716c742e02d18da0 | SHA-256 4d53ebfefb966cf2d900fa70c3ad6e53e641a39efa763de766233742bd4e553b
GET /adasync.txt HTTP/1.1
Host: premiumhlzaa.miliongames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://premiumhlzaa.miliongames.com/highlights
DNT: 1
Connection: keep-alive
Cookie: advanced_ads_browser_width=1280; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no; bp-activity-oldestpage=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: text/html; charset=UTF-8
location: https://miliongames.com
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-frame-options: https://premiumovyan.miliongames.com/highlights, SAMEORIGIN
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPuFKjsaQfsoT6frD%2FZMbuAs1A39cUagDHzmEc0QBsdh%2BeR9gUmYJ5SAQvk5ujGP5sy%2BE8RNy2EV9DDbDH5MNnl41LgX%2Bj%2BHqCyQnw1V28mskLDiu9kwAznXrw4t%2B9FCzquqAkl2xJtiX3wcob5z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab553cd76b521-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/youtube/img/icons/web/youtube_outline/moderator/v1/16px.svg | 142.250.74.3 | | 275 B |
URL www.gstatic.com/youtube/img/icons/web/youtube_outline/moderator/v1/16px.svg IP 142.250.74.3:0
File typeSVG Scalable Vector Graphics image Hash1d73c577011d31e4fec466fbdacf2571 0d5760dfa78658f17125750feac8f1dcd570708d e3dbc34f301244d3fa8403ed47c0068205fd8f0040e19eccf6644e5696dc8843
GET /youtube/img/icons/web/youtube_outline/moderator/v1/16px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 275
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 09:02:29 GMT
expires: Sat, 25 Jan 2025 09:02:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 00:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 32836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/youtube/img/icons/web/youtube_fill/youtube_round/v1/24px.svg | 142.250.74.3 | | 761 B |
URL www.gstatic.com/youtube/img/icons/web/youtube_fill/youtube_round/v1/24px.svg IP 142.250.74.3:0
File typeSVG Scalable Vector Graphics image Hash06360ff211b374afc9473faea2886095 6e40ec924c7ca539185adbf78566daefeb5b97bc eea10f57c4e2a6677142feec3f9353399d500be403c61c5456881396adf6fee3
GET /youtube/img/icons/web/youtube_fill/youtube_round/v1/24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 761
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 06:30:06 GMT
expires: Sat, 25 Jan 2025 06:30:06 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 10 Feb 2023 01:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 41979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/youtube_outline/arrow_up/v2/24px.svg | 142.250.74.99 | | 155 B |
URL fonts.gstatic.com/s/i/youtube_outline/arrow_up/v2/24px.svg IP 142.250.74.99:0
File typeSVG Scalable Vector Graphics image Hashdff69aa895e01665a126fc2141c94fe5 4064d2365e13c8a346b1d4bbe31becd3a18cf5b1 811e9985be1ac4e4d630f4b232ceee366801cb5f82ee306a574c1ce9f844f673
GET /s/i/youtube_outline/arrow_up/v2/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 155
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 04:35:55 GMT
expires: Fri, 24 Jan 2025 04:35:55 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 02:13:35 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 135230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/youtube_outline/send/v3/24px.svg | 142.250.74.99 | | 178 B |
URL fonts.gstatic.com/s/i/youtube_outline/send/v3/24px.svg IP 142.250.74.99:0
File typeSVG Scalable Vector Graphics image Hashc2b9a4949be7ac57fc387e7a94bd23e6 73fe819fec6416d54a4cf90f17aaabcc3f8305d0 8c851af847046612289548a6d50c4e77dc55a9efbb0bca9128723422cac4a4f5
GET /s/i/youtube_outline/send/v3/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 178
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 25 Jan 2024 03:16:59 GMT
expires: Fri, 24 Jan 2025 03:16:59 GMT
cache-control: public, max-age=31536000
age: 139966
last-modified: Thu, 16 Nov 2023 20:25:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/youtube_outline/chevron_down/v7/24px.svg | 142.250.74.99 | | 141 B |
URL fonts.gstatic.com/s/i/youtube_outline/chevron_down/v7/24px.svg IP 142.250.74.99:0
File typeSVG Scalable Vector Graphics image Hashc62423fdc7866b06af4889be619900a2 93beee6dea1f9cb906b794f182949f357aac06d0 c47564ecc26a15c0a2381733fbf821edfdcc17a4a8b946380b6308c6381517df
GET /s/i/youtube_outline/chevron_down/v7/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 141
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 26 Jan 2024 11:45:54 GMT
expires: Sat, 25 Jan 2025 11:45:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 02:14:07 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 23031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| POST sghb.aplhb.adipolo.com/adunit/multitracking | 185.239.172.170 | 204 No Content | 0 B |
URL: POST HTTP/1.1 sghb.aplhb.adipolo.com/adunit/multitracking | IP: 185.239.172.170:443
Requested by: https://premiumhlzaa.miliongames.com/highlights
Certificate: Issuer: ZeroSSL | Subject: sghb.aplhb.adipolo.com | Fingerprint: DF:54:D9:55:B7:4D:AD:FD:A6:6C:0E:BE:20:C5:1A:4A:6D:2F:7E:88 | Validity: Mon, 22 Jan 2024 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, matching the 0 B body of the 204 No Content response; they do not identify any content and should not be used as indicators)
POST /adunit/multitracking HTTP/1.1
Host: sghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 9249
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: fasthttp
Date: Fri, 26 Jan 2024 18:09:46 GMT
Access-Control-Allow-Origin: https://premiumhlzaa.miliongames.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
|
|
| waaw.ac/js/d_check.js?35 | 190.115.19.71 | | 1.1 kB |
IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
File type: JavaScript source, ASCII text, with very long lines (821)
Hash: MD5 cc58687e068922c3c6cd915e90ce82a6 | SHA-1 4560b7b212b7a3ea4daab7f679cfee37e4493bf8 | SHA-256 88e33d38aa577708d4cb0230edfddbbc348ed7dd6af3224797bee28eae0f2c7a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/d_check.js?35 HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/e/yyy?http_referer=&embed_from=embed_from&data_r=bbe9a7ada9fbcde7ee68418363ca8260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 06:10:30 GMT
etag: W/"65190d56-d80"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
|
|
| signaler-pa.youtube.com/punctual/v1/chooseServer?key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo | 142.250.74.110 | | 49 B |
URL signaler-pa.youtube.com/punctual/v1/chooseServer?key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo IP 142.250.74.110:0
Hash483f68931f0acfda8d45ff42bd7f96f0 6381119f5d2b50761e88ddbe7c548994096e3586 f5cbce243a5fcdd3706faccaefc5bb54b2a1dff63e2af75a9186f6366888a5eb
POST /punctual/v1/chooseServer?key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo HTTP/1.1
Host: signaler-pa.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json+protobuf
Content-Length: 94
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
date: Fri, 26 Jan 2024 18:09:46 GMT
server: ESF
content-length: 49
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| OPTIONS signaler-pa.youtube.com/punctual/multi-watch/channel?VER=8&gsessionid=1UJVEeWSO6tZFYFh-R45ahLxFaAXqd_ySecnczA9j7E&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=72611&CVER=22&zx=ehme4jbctq5n&t=1 | 142.250.74.110 | 200 OK | 0 B |
URL OPTIONS HTTP/3signaler-pa.youtube.com/punctual/multi-watch/channel?VER=8&gsessionid=1UJVEeWSO6tZFYFh-R45ahLxFaAXqd_ySecnczA9j7E&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=72611&CVER=22&zx=ehme4jbctq5n&t=1 IP 142.250.74.110:443
Requested byhttps://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com FingerprintC5:94:19:42:28:3A:57:36:10:5E:4A:4E:7B:CE:5E:33:B7:50:8D:89 ValidityTue, 02 Jan 2024 13:02:52 GMT - Tue, 26 Mar 2024 13:02:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /punctual/multi-watch/channel?VER=8&gsessionid=1UJVEeWSO6tZFYFh-R45ahLxFaAXqd_ySecnczA9j7E&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=72611&CVER=22&zx=ehme4jbctq5n&t=1 HTTP/1.1
Host: signaler-pa.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-webchannel-content-type
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: x-webchannel-content-type
date: Fri, 26 Jan 2024 18:09:46 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| OPTIONS signaler-pa.youtube.com/punctual/multi-watch/channel?VER=8&gsessionid=1UJVEeWSO6tZFYFh-R45ahLxFaAXqd_ySecnczA9j7E&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=72611&CVER=22&zx=ehme4jbctq5n&t=1 | 142.250.74.110 | 200 OK | 54 B |
URL OPTIONS HTTP/3signaler-pa.youtube.com/punctual/multi-watch/channel?VER=8&gsessionid=1UJVEeWSO6tZFYFh-R45ahLxFaAXqd_ySecnczA9j7E&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=72611&CVER=22&zx=ehme4jbctq5n&t=1 IP 142.250.74.110:443
Requested byhttps://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com FingerprintC5:94:19:42:28:3A:57:36:10:5E:4A:4E:7B:CE:5E:33:B7:50:8D:89 ValidityTue, 02 Jan 2024 13:02:52 GMT - Tue, 26 Mar 2024 13:02:51 GMT
Hashbc5cedbae6a2d665e556417aa86959f5 c1eb40868d511c6842a33a1f98289b06327f3e61 819b44ce9bb64c3411f0c3eacef73bd515130cadf2bd9ed58ac632a76329f3b9
POST /punctual/multi-watch/channel?VER=8&gsessionid=1UJVEeWSO6tZFYFh-R45ahLxFaAXqd_ySecnczA9j7E&key=AIzaSyDZNkyC-AtROwMBpLfevIvqYk-Gfi8ZOeo&RID=72611&CVER=22&zx=ehme4jbctq5n&t=1 HTTP/1.1
Host: signaler-pa.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-WebChannel-Content-Type: application/json+protobuf
Content-Type: application/x-www-form-urlencoded
Content-Length: 233
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-client-wire-protocol: h3
content-type: text/plain; charset=utf-8
date: Fri, 26 Jan 2024 18:09:46 GMT
server: ESF
content-length: 54
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: x-client-wire-protocol
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false | 142.250.74.110 | | 2.0 kB |
URL www.youtube.com/youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false IP 142.250.74.110:0
Hashbac2783e8ad3572eeb653cea3adce182 67ec0c5c4c093ebdd2ce2824ce1907a70e00983f 49f6ca401f7715e418ce2a369af84beb123bd87091245e40e07fa39b6b8ff0e8
POST /youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Content-Type: application/json
X-Goog-Visitor-Id: CgtKYTVzMjA1NWliNCjk6s-tBjIOCgJOTxIIEgQSAgsMICg%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 1
X-Youtube-Client-Version: 2.20240123.06.00
Content-Length: 2849
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Fri, 26 Jan 2024 18:09:46 GMT
server: scaffolding on HTTPServer2
content-length: 2017
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+645; expires=Sun, 25-Jan-2026 18:09:46 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 18:09:46 GMT
cache-control: private
|
|
| POST sghb.aplhb.adipolo.com/adunit/multitracking | 185.239.172.170 | 204 No Content | 0 B |
URL POST HTTP/1.1sghb.aplhb.adipolo.com/adunit/multitracking IP 185.239.172.170:443
Requested byhttps://premiumhlzaa.miliongames.com/highlights CertificateIssuerZeroSSL Subjectsghb.aplhb.adipolo.com FingerprintDF:54:D9:55:B7:4D:AD:FD:A6:6C:0E:BE:20:C5:1A:4A:6D:2F:7E:88 ValidityMon, 22 Jan 2024 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adunit/multitracking HTTP/1.1
Host: sghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 11369
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: fasthttp
Date: Fri, 26 Jan 2024 18:09:47 GMT
Access-Control-Allow-Origin: https://premiumhlzaa.miliongames.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
|
|
| GET player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fpremiumhlzaa.miliongames.com%2Fhighlights | 45.133.44.4 | 200 OK | 16 kB |
URL GET HTTP/2player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fpremiumhlzaa.miliongames.com%2Fhighlights IP 45.133.44.4:443
ASN#39572 DataWeb Global Group B.V.
Requested byhttps://premiumhlzaa.miliongames.com/highlights CertificateIssuerLet's Encrypt Subjectplayer.adtelligent.com Fingerprint8D:E2:BA:43:CD:C4:C7:6D:C2:CB:B3:C2:A6:7A:71:9F:CB:A0:9F:03 ValiditySun, 14 Jan 2024 03:01:19 GMT - Sat, 13 Apr 2024 03:01:18 GMT
File typegzip compressed data, from Unix Hash54f53cb9f98fb474c57eb7b3b26d9055 7a8cfd6055457e935eb247d603914e77bdcbb2e8 8c93e47d9afc1a41c10644a31c7323272dba9cbf009bff1a01a25153d3c251ed
GET /exchange_rates/313490/config.json?cb=https%3A%2F%2Fpremiumhlzaa.miliongames.com%2Fhighlights HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:42 GMT
content-type: application/json
server: nginx
last-modified: Fri, 26 Jan 2024 12:01:34 GMT
etag: W/"65b39f1e-2aa9"
cache-control: max-age=86400
content-encoding: gzip
expires: Sat, 27 Jan 2024 18:09:42 GMT
access-control-allow-origin: https://premiumhlzaa.miliongames.com
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| POST sghb.aplhb.adipolo.com/adunit/multitracking | 185.239.172.170 | 204 No Content | 0 B |
URL POST HTTP/1.1sghb.aplhb.adipolo.com/adunit/multitracking IP 185.239.172.170:443
Requested byhttps://premiumhlzaa.miliongames.com/highlights CertificateIssuerZeroSSL Subjectsghb.aplhb.adipolo.com FingerprintDF:54:D9:55:B7:4D:AD:FD:A6:6C:0E:BE:20:C5:1A:4A:6D:2F:7E:88 ValidityMon, 22 Jan 2024 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adunit/multitracking HTTP/1.1
Host: sghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2233
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: fasthttp
Date: Fri, 26 Jan 2024 18:09:49 GMT
Access-Control-Allow-Origin: https://premiumhlzaa.miliongames.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
|
|
| waaw.ac/js/jquery-eu-cookie-law-popup.js?4 | 190.115.19.71 | | 2.7 kB |
URL waaw.ac/js/jquery-eu-cookie-law-popup.js?4 IP 190.115.19.71:0
ASN#262254 DDOS-GUARD CORP.
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: MD5 22c8e688031399af4810b7db64dc6c7e | SHA-1 1891e103fa545f8ac643bcbd2b2771b9730762b2 | SHA-256 d1014f84b24e43a54fa1b087e24ed1eabc7603218970ddb845615a847eeb6869
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/jquery-eu-cookie-law-popup.js?4 HTTP/1.1
Host: waaw.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/f/MJcrktS91uFtPongo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 11 Mar 2017 18:54:04 GMT
etag: W/"58c447cc-22d5"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
|
|
| POST sghb.aplhb.adipolo.com/adunit/multitracking | 185.239.172.170 | 204 No Content | 0 B |
URL POST HTTP/1.1sghb.aplhb.adipolo.com/adunit/multitracking IP 185.239.172.170:443
Requested byhttps://premiumhlzaa.miliongames.com/highlights CertificateIssuerZeroSSL Subjectsghb.aplhb.adipolo.com FingerprintDF:54:D9:55:B7:4D:AD:FD:A6:6C:0E:BE:20:C5:1A:4A:6D:2F:7E:88 ValidityMon, 22 Jan 2024 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adunit/multitracking HTTP/1.1
Host: sghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2233
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: fasthttp
Date: Fri, 26 Jan 2024 18:09:55 GMT
Access-Control-Allow-Origin: https://premiumhlzaa.miliongames.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-02-29-06-55-23.chain; p384ecdsa=Rd5K8SG5qW6Xjn8nYe4o_OYofKLwBKe3L2r_gGdLU2PchvYGOsTqMrLWuQKKkTbSigh6ENxqBFVRzu-HjMMXP-9_h-4Nkz6FNmBodM0VfidoequJxa_xhRfsSqPNq1Tn
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Fri, 26 Jan 2024 18:08:24 GMT
age: 92
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false | 142.250.74.110 | | 2.0 kB |
URL www.youtube.com/youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false IP 142.250.74.110:0
Hashccc8178b727a918e43b143a595467006 93c2ae51b2951789a788893d67b67fd30fcf04ce bde49dc684e5f381b8fdec2755818ce81c87b4ce1e4a1c2ecee82a0430dde382
POST /youtubei/v1/live_chat/get_live_chat?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1
Content-Type: application/json
X-Goog-Visitor-Id: CgtKYTVzMjA1NWliNCjk6s-tBjIOCgJOTxIIEgQSAgsMICg%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 1
X-Youtube-Client-Version: 2.20240123.06.00
Content-Length: 2818
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Fri, 26 Jan 2024 18:09:56 GMT
server: scaffolding on HTTPServer2
content-length: 2032
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+441; expires=Sun, 25-Jan-2026 18:09:56 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 18:09:56 GMT
cache-control: private
|
|
| POST sghb.aplhb.adipolo.com/adunit/multitracking | 185.239.172.170 | 204 No Content | 0 B |
URL POST HTTP/1.1 sghb.aplhb.adipolo.com/adunit/multitracking IP 185.239.172.170:443
Requested by https://premiumhlzaa.miliongames.com/highlights Certificate Issuer ZeroSSL Subject sghb.aplhb.adipolo.com Fingerprint DF:54:D9:55:B7:4D:AD:FD:A6:6C:0E:BE:20:C5:1A:4A:6D:2F:7E:88 Validity Mon, 22 Jan 2024 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B body of this 204 response; they identify no content and should not be used as indicators)
POST /adunit/multitracking HTTP/1.1
Host: sghb.aplhb.adipolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2232
Origin: https://premiumhlzaa.miliongames.com
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: fasthttp
Date: Fri, 26 Jan 2024 18:10:00 GMT
Access-Control-Allow-Origin: https://premiumhlzaa.miliongames.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
|
|
| GET unpkg.com/jquery@2.2.4/dist/jquery.min.js | 104.16.123.175 | 200 OK | 86 kB |
URL GET HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js IP 104.16.123.175:443
Requested by https://waaw.ac/e/yyy?http_referer=&embed_from=embed_from&data_r=bbe9a7ada9fbcde7ee68418363ca8260 Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32065) Hash (MD5 / SHA-1 / SHA-256): 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://waaw.ac/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01HG7A5H86SEST4VJG58SVVY7Z-arn
cf-cache-status: HIT
age: 5239983
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 84bab556cfc61c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| GET arkadyczsk.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js?ver=2.0.1 | 172.67.199.220 | 200 OK | 9.7 kB |
URL GET HTTP/2 arkadyczsk.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js?ver=2.0.1 IP 172.67.199.220:443
Requested by https://premiumhlzaa.miliongames.com/highlights Certificate Issuer Let's Encrypt Subject arkadyczsk.com Fingerprint 4E:0C:EA:37:32:A6:50:95:EB:F5:F8:98:54:B9:65:31:E3:FB:40:16 Validity Sat, 09 Dec 2023 19:49:30 GMT - Fri, 08 Mar 2024 19:49:29 GMT
File type JavaScript source, ASCII text, with very long lines (9938), with no line terminators Hash (MD5 / SHA-1 / SHA-256): edf695da67fc416c197ce53707511b85 cd00e70b885f3a1485ab4f82c4d59d74f1bd9950 415c7bb62d6b1fd6776b70cf3385258f0332b49a4fbfbac7502f06ace8115f2a
GET /wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js?ver=2.0.1 HTTP/1.1
Host: arkadyczsk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Jan 2024 18:09:39 GMT
content-type: application/javascript
last-modified: Wed, 11 Oct 2023 23:10:24 GMT
vary: Accept-Encoding
etag: W/"65272b60-2610"
expires: Sat, 27 Jan 2024 10:52:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2531851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqsPVDfrgZXbIUh8MjwgknD%2BinI01maZA6Xqvkf8RVVBTQr3aQFPsECdN0Am8kzlAlTuL0RakTMMlTgzsjuOXsZ%2FyU4tqBTQPwWuLnksuz6iSFa8pDK7CpQWpd4oXk7V1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84bab54cbfe7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1 | 142.250.74.110 | 200 OK | 228 kB |
URL GET HTTP/2 www.youtube.com/live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1 IP 142.250.74.110:443
Requested by https://premiumhlzaa.miliongames.com/highlights Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint C5:94:19:42:28:3A:57:36:10:5E:4A:4E:7B:CE:5E:33:B7:50:8D:89 Validity Tue, 02 Jan 2024 13:02:52 GMT - Tue, 26 Mar 2024 13:02:51 GMT
Size 228 kB (228130 bytes) Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input even though the response is listed as 228130 bytes, so the body was apparently not available when hashing; do not treat them as indicators for this resource)
GET /live_chat?v=vKYKG4WCqTA&embed_domain=premiumhlzaa.miliongames.com&dark_theme=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://premiumhlzaa.miliongames.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Jan 2024 18:09:40 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_Wa_1uplSo4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Sat, 01-May-2021 18:09:40 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: CONSENT=PENDING+311; expires=Sun, 25-Jan-2026 18:09:40 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|